OpenVZ Forum


Home » Mailing lists » Devel » containers development plans
Re: containers development plans [message #14872 is a reply to message #14871] Thu, 12 July 2007 10:44 Go to previous messageGo to previous message
Paul Menage is currently offline  Paul Menage
Messages: 642
Registered: September 2006
Senior Member
On 7/12/07, Kirill Korotaev <dev@sw.ru> wrote:
>
> Not sure why it requires some additional controller, but surely
> it is possible to create a match for iptables matching container ID.

But which container ID? Don't forget that a task is in one container
in each hierarchy of which there could be more than one. At its
simplest this new subsystem could just be a way to tell iptables which
hierarchy to look at when matching based on container id. In practice
it's probably reasonable to make the "iptables container id"
user-settable since userspace is building the iptables rules and might
want to use its own numbering scheme for the ids. (E.g. all container
IDs in a particular range have the same kinds of permissions).

Paul

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Re: [RFC][-mm PATCH 2/8] Memory controller containers setup (v3)
Next Topic: containers development plans (July 20 version)
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Thu Aug 15 22:18:23 GMT 2024

Total time taken to generate the page: 0.02878 seconds
Powered by FUDforum Powered by Virtuozzo Containers